net · v3.12.33 · Upstream / linux-stable

mac80211: fix typo in starting baserate for rts_cts_rate_idx

Karl Beldan authored 10 years ago

commit c7abf25a upstream.

It affects non-(V)HT rates and can lead to selecting an rts_cts rate
that is not a basic rate or way superior to the reference rate (ATM
rates[0] used for the 1st attempt of the protected frame data).

E.g, assuming drivers register growing (bitrate) sorted tables of
ieee80211_rate-s, having :
- rates[0].idx == d'2 and basic_rates == b'10100
will select rts_cts idx b'10011 & ~d'(BIT(2)-1), i.e. 1, likewise
- rates[0].idx == d'2 and basic_rates == b'10001
will select rts_cts idx b'10000
The first is not a basic rate and the second is > rates[0].

Also, wrt severity of the addressed misbehavior, ATM we only have one
rts_cts_rate_idx rather than one per rate table entry, so this idx might
still point to bitrates > rates[1..MAX_RATES].

Fixes: 5253ffb8

 ("mac80211: always pick a basic rate to tx RTS/CTS for pre-HT rates")
Signed-off-by: Karl Beldan <karl.beldan@rivierawaves.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jiri Slaby <jslaby@suse.cz>

94f13cde

Name	Last commit	Last update
..
802	mrp: add periodictimer to allow retries when packets get lost	11 years ago
8021q	net: Always untag vlan-tagged traffic on input.	10 years ago
9p	9p/trans_virtio.c: Fix broken zero-copy on vmalloc() buffers	11 years ago
appletalk	appletalk: Fix socket referencing in skb	10 years ago
atm	net: rework recvmsg handler msg_name and msg_namelen logic	11 years ago
ax25	net: rework recvmsg handler msg_name and msg_namelen logic	11 years ago
batman-adv	batman-adv: increase orig refcount when storing ref in gw_node	11 years ago
bluetooth	Bluetooth: Avoid use of session socket after the session gets freed	10 years ago
bridge	bridge: Fix br_should_learn to check vlan_enabled	10 years ago
caif	net: rework recvmsg handler msg_name and msg_namelen logic	11 years ago
can	net: Use netlink_ns_capable to verify the permisions of netlink messages	10 years ago
ceph	libceph: ceph-msgr workqueue needs a resque worker	10 years ago
core	net: fix checksum features handling in netif_skb_features()	10 years ago
dcb	net: Use netlink_ns_capable to verify the permisions of netlink messages	10 years ago
dccp	net:dccp: do not report ICMP redirects to user space	11 years ago
decnet	net: Use netlink_ns_capable to verify the permisions of netlink messages	10 years ago
dns_resolver	dns_resolver: assure that dns_query() result is null-terminated	10 years ago
dsa	net: dsa: inherit addr_assign_type along with dev_addr	11 years ago
ethernet	net: Fix sysfs_format_mac() code duplication.	11 years ago
ieee802154	6lowpan: fix lockdep splats	11 years ago
ipv4	ipv4: dst_entry leak in ip_send_unicast_reply()	10 years ago
ipv6	drivers/net, ipv6: Select IPv6 fragment idents for virtio UFO packets	10 years ago
ipx	net: rework recvmsg handler msg_name and msg_namelen logic	11 years ago
irda	net: rework recvmsg handler msg_name and msg_namelen logic	11 years ago
iucv	af_iucv: wrong mapping of sent and confirmed skbs	10 years ago
key
l2tp
lapb
llc
mac80211
mac802154
mpls
netfilter
netlabel
netlink
netrom
nfc
openvswitch
packet
phonet
rds
rfkill
rose
rxrpc
sched
sctp
sunrpc
tipc
unix
vmw_vsock
wimax
wireless
x25
xfrm
Kconfig
Makefile
compat.c
nonet.c
socket.c
sysctl_net.c

GitLab

Menu

Download source code

Download this directory